Newsvine Fraud News

February 21, 2013

Threats Associated with BYOD

The use of mobile
devices among the global workforce is not a new concept, but the introduction
of user ownership is a trend that has just gained momentum in the last few
years. Professionals in a wide range of industries are relying on their own
mobile devices to support the balance between work and home, introducing a
whole new set of risks for the corporate network when the proper policies and
controls are not in place.

While BYOD (Bring Your Own Device) offers plenty of benefits for the enterprise
and the employee, a strategic approach is necessary to mitigate the risks
associated with users accessing the network and supported applications from
outside of the corporate firewall. Let’s take a look at some of the threats
that exist with BYOD and what you need to do to protect your network, your
users and your proprietary information.

Lacking a Robust Policy – Now that
users are accustomed to relying on their own devices to access the network and
their personal email, they also need to know what is acceptable use, who has
access to their device(s), and what will happen if the device or the
information contained within the device is compromised. An effective policy
outlines expectations and outcomes, while also providing for the proper sharing
of information so all employees are informed.

Weak Authentication Methods – It’s a
given that employees will need unique user names and passwords to access the
corporate network, but it’s also a given that such information is easily
captured by hackers. It’s critical that IT management implements and enforces
strong authentication methods and limits access to applications. Strong
authentication methods demand constant monitoring and regular updates to ensure
any breach is immediately identified and mitigated.

No Visibility or Control over Devices –
Employees often prefer BYOD as a concept as it suggests they have complete
control over their mobile device. While the physical control may remain, IT
management establishes its own control over the device with mobile device
management or other applications that provide remote access and complete
visibility. Access to such technology ensures IT always knows what devices are
accessing the network and can immediately locate, lock and wipe clean any
compromised or lost device.

Applications – While a number of
applications exist to promote the activities of the professional in the field,
a larger number exist to waste time or access proprietary information with
malicious intent. Any applications downloaded by the user without IT approval
are a risk to the corporate network. The simple scan of a QR code could quickly
launch malware on the device, with reach into any network to which it is
connected. The corporate policy must define what constitutes an approved
application and how to avoid downloading malicious software.

While this list
merely scratches the surface of the threats that exist with BYOD, it still
provides clear insight into what you need to consider within your own
environment. Whether yours is a large enterprise, small- to medium-sized
business or sole proprietorship, any mobile device used to access your network,
server or other IT assets presents a threat to your operation. Before allowing
BYOD to flourish, put the right strategy in place to support only the safe use
of all mobile devices.